APIs are essential ingredients for developing complex software systems. However, they
are difficult to learn and use. As a result, developers can misuse them, resulting in different
types of issues.
Misuse of a programming interface can lead to errors that are very difficult to detect and
can have consequences. Detecting these misuses is not easy.
We have thus developed an approach based on the immune system, a mechanism that
allows to detect known and unknown anomaly types. Here the cells of the organism will be
the good uses of the API and the bad ones will be the foreign cells of the organism. The
immune system has the particularity of being a decentralized system that functions thanks
to detectors, T lymphocytes, whose role is to detect foreign cells. With APImmune we will
therefore generate detectors that have the ability to detect risky uses of APIs.
Our approach was evaluated on two sets of data and more specifically MUBench. The
results show that our approach complements previous works in this area of research. In
addition, the detectors can be generated from source code by abstracting the API usages
and by generating artificial deviations from these usages. Moreover, for the detection purpose,
only the artificial detectors are necessary, and the code used to generate them is not disclosed.
Finally, the detectors can be produced for different versions of the programming interface,
that brings modularity in the detection.